update rh broken symptoms

refpolicy/policy/modules/system/init.if

@@ -77,11 +77,14 @@ interface(`init_daemon_domain',`
 		typeattribute $2 direct_init_entry;
 	')
 
-	# Red Hat systems seem to have a stray
+	ifdef(`hide_broken_symptoms',`
-	# fd open from the initrd
+		# Red Hat systems seem to have a stray
-	ifdef(`distro_redhat',`
+		# fds open from the initrd
-		kernel_dontaudit_use_fd($1)
+		ifdef(`distro_redhat',`
-		files_dontaudit_read_root_file($1)
+			kernel_dontaudit_use_fd($1)
+			storage_dontaudit_read_fixed_disk($1)
+			files_dontaudit_read_root_file($1)
+		')
 	')
 
 	ifdef(`targeted_policy',`
@@ -156,11 +159,14 @@ interface(`init_system_domain',`
 	allow $1 initrc_t:fifo_file rw_file_perms;
 	allow $1 initrc_t:process sigchld;
 
-	# Red Hat systems seem to have a stray
+	ifdef(`hide_broken_symptoms',`
-	# fd open from the initrd
+		# Red Hat systems seem to have a stray
-	optional_policy(`distro_redhat',`
+		# fds open from the initrd
-		kernel_dontaudit_use_fd($1)
+		ifdef(`distro_redhat',`
-		files_dontaudit_read_root_file($1)
+			kernel_dontaudit_use_fd($1)
+			storage_dontaudit_read_fixed_disk($1)
+			files_dontaudit_read_root_file($1)
+		')
 	')
 ')